This sample text comes (I believe) from Thomas. It's a bit too technical for the knowledge base, but can be handy to use with admins who continue to push back:
VenueOps approaches security policies using industry standard best practices. Best practices established by standards bodies and compliance organizations, such as NIST and CERT, disallow password visibility to any but the identity credential's owner. A lot of enterprise systems don't hew as strictly to a lot of these guidelines as we do, and allow this sort of action. However, we feel it's in the best interest of ourselves and our clients that VenueOps emphasizes a simple, reliable approach to password self-service via email.
Comments
0 comments
Article is closed for comments.